[et_pb_section fb_built=”1″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n
Indias fintech sector has grown fast in the last few years. Today it is one of the growing markets in the world. India has than 100 fintech companies that are doing very well.. With this fast growth cyberattacks on Indian Financial Institutions have also increased a lot. Nowadays we see news about cyber frauds, data leaks and hacking attempts every day on social media and news platforms.<\/p>\n
Let us look at some cyberattacks that happened in Indian banks.<\/p>\n
[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.27.6″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n
Cyberattack on Union Bank of India.<\/strong><\/span><\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n This incident started when a bank employee opened an email attachment that looked like it came from Reserve Bank of India. This was a case of phishing attack, where hackers used the name of a trusted organization to fool employees. The email was sent to customer care staff, individual officials and e-banking employees. Some employees were alert. Reported the suspicious email to the security team but some employees opened it. The bad thing was that the email had a file instead of a normal PDF or Excel file. Once it was opened the bad code entered the banks network and servers. This gave hackers access to the system. They tried to do a fraud of around $170 million. The main reason behind this attack was that the employees did not know enough about cybercrime and how to stop it. If the staff had been trained to identify suspicious emails this could have been prevented.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.27.6″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” custom_padding=”||0px|||” sticky_enabled=”0″]<\/p>\n Cyberattack on Cosmos Cooperative Bank of Pune.<\/strong><\/span><\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n This case is one of the examples of a malware attack. The banks internal system and ATM infrastructure were compromised. Hackers attacked the system that connects the central banking system and ATM\/POS machines. They put code that made fake payment transfer requests. It also made changes in customer account balances and created fake approvals for ATM withdrawals. As a result the attackers were able to withdraw amounts of money using 450 cloned debit cards in different countries. Since the ATM and POS system verification was affected the transactions were processed without checks.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.27.6″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n Cyberattack on AP Mahesh Cooperative Urban Bank<\/strong><\/span><\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.27.6″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n In this case cybercriminals hacked the banks servers. Got access to the main account. After gaining access they transferred around \u20b912 crore into hundreds of bank accounts. Many accounts were compromised in this incident. Initial investigation by cybersecurity experts suggested that it might have been a job, which means there may have been involvement from someone within the bank itself.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.27.6″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n Cyberattack on Dombivli Nagari Sahakari Bank.<\/span><\/strong><\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n his was also a case of server hacking, where the bank suffered a loss of than \u20b92 lakh. However the bank quickly realized that its server had been compromised and immediately stopped all transactions. Because of this action a much bigger loss was avoided.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.27.6″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n Data Leak at Jana Small Finance Bank.<\/strong><\/span><\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n The database used for KYC verification was not protected by a password. Because of this anyone could access, edit or download customer data and financial transaction details. This exposed millions of documents in the public domain. Soon as the bank became aware of the issue the database was secured immediately. This incident clearly shows the importance of security measures such as password protection and controlled access. From the cases it is clear that cyberattacks on Indian Financial Institutions can happen because of both technical weaknesses and human mistakes.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.27.6″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n To ensure customer safety, it\u2019s crucial for all banks to strictly implement the security measures recommended by the RBI. Doing so can significantly lower the risk of cyberattacks and help protect customers from potential threats.<\/strong><\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_image src=”https:\/\/adviacent.com\/blog\/wp-content\/uploads\/2022\/08\/bank-post.png” alt=”RBI Guidelines To Improve Bank Security” title_text=”RBI Guidelines” _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” custom_margin=”31px||||false|false” global_colors_info=”{}”]<\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” custom_margin=”43px||||false|false” global_colors_info=”{}”][\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” custom_margin=”-26px||||false|false” global_colors_info=”{}”]<\/p>\n Banks and other financial institutions are getting attacked by hackers a lot these days. So the Reserve Bank of India made some important rules to make banking security better and to protect customer information. Here are some of the rules:<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” custom_margin=”-26px||||false|false” global_colors_info=”{}”]<\/p>\n The Reserve Bank of India says that hackers can attack at any time without warning. So banks need to have a system that checks for threats all the time and responds to them right away. This helps banks find activity early on and prevents big financial losses.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” custom_margin=”-26px||||false|false” global_colors_info=”{}”]<\/p>\n Technology is very important for banks to work smoothly. It helps banks give customers modern digital services. When customers do transactions banks get a lot of private customer information. So it is the banks job to make sure this information is private, available and safe. Banks also need to protect customer information when other companies are handling it. They need to have systems and procedures in place to take care of customer information from start to finish.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” custom_margin=”-26px||||false|false” global_colors_info=”{}”]<\/p>\n If a bank has a cybersecurity problem they need to tell the Reserve Bank of India away. It does not matter if the problem is small or big. Telling the Reserve Bank of India helps them keep an eye on threats to all banks and give banks instructions on what to do.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” custom_margin=”-26px||||false|false” global_colors_info=”{}”]<\/p>\n Banks should keep a list of all their equipment and digital assets alike:\u00a0<\/p>\n 1- Computers and servers<\/p>\n 2- Business applications<\/p>\n 3- Network infrastructure<\/p>\n 4- Software systems<\/p>\n This helps banks manage assets better and rectify problems faster when there is a cyber attack.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” custom_margin=”-26px||||false|false” global_colors_info=”{}”]<\/p>\n Banks should only use software that they have approved. Using software can let in bad viruses and hackers. So banks need to be very careful about what software they use.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” custom_margin=”-26px||||false|false” global_colors_info=”{}”]<\/p>\n When banks work with other companies they need to make sure those companies are safe and secure. Even companies that work with banks need to have cybersecurity measures in place because they might be handling customer information.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” custom_margin=”-26px||||false|false” global_colors_info=”{}”]<\/p>\n Banks need to have a system to protect themselves from malware and cyber threats. The Reserve Bank of India says banks should use:<\/p>\n 1-\u00a0 Web gateways<\/p>\n 2- Deep packet inspection<\/p>\n 3- Website and service whitelisting<\/p>\n 4- Malware prevention systems<\/p>\n These things help stop malware and threat actors from getting into the bank’s system.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” custom_margin=”-26px||||false|false” global_colors_info=”{}”]<\/p>\n Phishing attacks are very common in the banking world. So banks need to use anti-phishing systems and email security services to block fake emails and websites. This reduces the chance of employees and customers getting tricked by hackers.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” custom_margin=”-26px||||false|false” global_colors_info=”{}”]<\/p>\n To protect information the Reserve Bank of India says banks should have a plan to prevent data leaks. This plan should focus on minimizing the risk of sharing, downloading or leaking of important customer and bank information.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n [\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” custom_margin=”-26px||||false|false” global_colors_info=”{}”]<\/p>\n Banks should regularly test their systems to find weaknesses the systems that are connected to the internet. This helps banks find problems before hackers can exploit them. Regular testing makes the banking system safer and more reliable.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\nThe Reserve Bank of India has some rules to make banks safer.<\/strong><\/h4>\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n